Configuring AAA Services on Cisco IOS XR Software
DETAILED STEPS
Command or Action
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Step 2
aaa authorization {commands | exec | network}
{default | list-name } {none | local | group
{tacacs+ | radius | group-name}}
Example:
RP/0/RP0/CPU0:router(config)# aaa authorization
commands listname1 group tacacs+
Purpose
Enters global configuration mode.
Creates a series of authorization methods, or a method list.
The commands keyword configures authorization for
•
all EXEC shell commands. Command authorization
applies to the EXEC mode commands issued by a user.
Command authorization attempts authorization for all
EXEC mode commands.
The exec keyword configures authorization for an
•
interactive (EXEC) session.
The network keyword configures authorization for
•
network services like PPP or IKE.
The default keyword causes the listed authorization
•
methods that follow this keyword to be the default list
of methods for authorization.
A list-name character string identifies the authorization
•
method list. The method list itself follows the method
list name. Method list types are entered in the preferred
sequence. The listed method list types can be any one
of the following:
none—The network access server (NAS) does not
–
request authorization information. Authorization
always succeeds. No subsequent authorization
methods will be attempted. However, the task ID
authorization is always required and cannot be
disabled.
local—Uses local database for authorization.
–
Cisco IOS XR System Security Configuration Guide
How to Configure AAA Services
SC-209